Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
21222324252627282930
16
Related commands
hwtacacs scheme
radius scheme
super authentication-mode (Fundamentals Command Reference)
authorization command
Use authorization command to configure the command line authorization method.
Use undo authorization command to restore the default.
Syntax
authorization command { hwtacacs-scheme hwtacacs-scheme-name [ local | none ] | local | none }
undo authorization command
Default
The default authorization method for the ISP domain is used for command line authorization.
Views
ISP domain view
Default command level
2: System level
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
local: Performs local authorization.
none: Does not perform any authorization exchange. In this case, an authenticated user can access only
commands of Level 0.
Usage guidelines
The specified HWTACACS scheme must have been configured.
With command line authorization configured, a user who has logged in to the device can execute only
the commands with a level lower than or equal to that of the local user.
Examples
# Configure ISP domain test to use local command line authorization.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command local
# Configure ISP domain test to use HWTACACS scheme hwtac for command line authorization and use
local authorization as the backup.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command hwtacacs-scheme hwtac local
Related commands
local-user